//package com.dcits.filter.xss;
//
//import com.dcits.secrity.SecurityProperties;
//
//import javax.servlet.*;
//import javax.servlet.http.HttpServletRequest;
//import java.io.IOException;
//import java.util.ArrayList;
//import java.util.List;
//import java.util.Objects;
//
//// NOTE(review): every line of this file is commented out, so nothing here is compiled.
//// Whether an active copy of this filter is registered elsewhere cannot be told from this file.
///**
// * Servlet filter that wraps incoming requests in {@code XSSRequestWrapper} when XSS
// * protection is switched on in {@code SecurityProperties}, unless the request URI
// * starts with one of the configured ignore prefixes.
// *
// * <p>NOTE(review): {@code XSSRequestWrapper} is not visible here; presumably it sanitizes
// * request values - confirm. Input-side filtering complements context-aware output
// * encoding; it does not replace it.
// */
//public class XSSFilter implements Filter {
//    // Configuration source. Stays null when the no-arg constructor is used, in which
//    // case doFilter passes every request through unwrapped.
//    private SecurityProperties securityProperties;
//
//    /** Creates a filter without configuration; XSS wrapping is then never applied. */
//    public XSSFilter() {
//
//    }
//
//    /**
//     * Creates a filter driven by the given security configuration.
//     *
//     * @param securityProperties settings read on every request in doFilter
//     */
//    public XSSFilter(SecurityProperties securityProperties) {
//        this.securityProperties = securityProperties;
//    }
//
//    /** No initialization is performed. */
//    @Override
//    public void init(FilterConfig filterConfig) throws ServletException {
//    }
//
//    /**
//     * Passes the request down the chain, wrapped in {@code XSSRequestWrapper} when
//     * protection is enabled and the request URI matches no ignore prefix.
//     *
//     * <p>The request is forwarded unchanged when the configuration is null, when either
//     * enabled flag is false, or when the URI starts with a configured ignore prefix.
//     *
//     * @param request  incoming request; cast to HttpServletRequest without a type check
//     * @param response response passed through untouched
//     * @param chain    remaining filter chain
//     * @throws IOException      propagated from the chain
//     * @throws ServletException propagated from the chain
//     */
//    @Override
//    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//        if (securityProperties != null && securityProperties.isEnabled() && securityProperties.getXss().isEnabled()) {
//            // An ignore-URI list is configured (the "ingore" spelling follows SecurityProperties).
//            if (!Objects.isNull(securityProperties.getXss().getIngoreUri())) {
//                // Each comma-separated entry has every '*' removed and is then used as a plain prefix.
//                // NOTE(review): an entry that becomes "" (an empty setting, "a,,b", or a bare "*")
//                // prefix-matches every URI, and "/*" becomes "/", which request URIs normally start
//                // with. Either one skips the wrapper for all requests. Entries are not trimmed.
//                // Consider dropping blank entries and rejecting over-broad ones at configuration load.
//                final String[] split = securityProperties.getXss().getIngoreUri().split(",");
//                List<String> list = new ArrayList<>();
//                for (String ingoreUri : split) {
//                    list.add(ingoreUri.replaceAll("\\*", ""));
//                }
//                // NOTE(review): getRequestURI() is the raw, undecoded path and includes the context
//                // path. Comparing against a normalized path and keeping the list narrow would
//                // reduce unintended skips. The cast assumes an HTTP request - TODO confirm.
//                final String requestURI = ((HttpServletRequest) request).getRequestURI();
//                for (String url : list) {
//                    if (requestURI.startsWith(url)) {
//                        // Ignored prefix: forward the original request without the XSS wrapper.
//                        chain.doFilter(request, response);
//                        return;
//                    }
//                }
//            }
//            // No ignore prefix matched (or none configured): forward the wrapped request.
//            chain.doFilter(new XSSRequestWrapper((HttpServletRequest) request), response);
//        } else {
//            // Protection disabled or unconfigured: forward the request unchanged.
//            chain.doFilter(request, response);
//        }
//
//    }
//
//    /** No resources to release. */
//    @Override
//    public void destroy() {
//    }
//}